CVE-2025-11445

A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be...

CVE-2025-11445

A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be...

CVE-2025-11445 Kilo Code Prompt ClineProvider.ts ClineProvider injection

A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be...

CVE-2025-11445 Kilo Code Prompt ClineProvider.ts ClineProvider injection

A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be...

Kilo Code 安全漏洞

Kilo Code is an AI coding assistant open-sourced by Kilo Code. A security vulnerability exists in Kilo Code 4.86.0 and earlier versions, which stems from improper manipulation of the ClineProvider function in the Prompt Handler component, which could lead to an injection attack...

PT-2025-41241

Name of the Vulnerable Software and Affected Versions Kilo Code versions prior to 4.86.0 Description A flaw exists in Kilo Code that allows for injection through manipulation of the ClineProvider function within the src/core/webview/ClineProvider.ts file of the Prompt Handler component. This issu...